urlscan.io logo urlscan.io
SecurityTrails logo

oaxyteek.net Open in urlscan Pro
172.64.168.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://magybu.net/ad/locked?rndad=1591007213-1656003250&url=3Rhqi&t=s&subid=26201253&h=89918
Effective URL: http://oaxyteek.net/not-found.php
Submission Tags: falconsandbox
Submission: On February 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 20 HTTP transactions. The main IP is 172.64.168.34, located in United States and belongs to CLOUDFLARENET, US. The main domain is oaxyteek.net. The Cisco Umbrella rank of the primary domain is 194213.
This is the only time oaxyteek.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 172.67.72.175 13335 (CLOUDFLAR...)
1 2 172.64.168.34 13335 (CLOUDFLAR...)
3 188.114.97.12 13335 (CLOUDFLAR...)
2 13.32.23.30 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 35.190.71.96 15169 (GOOGLE)
2 172.64.107.19 13335 (CLOUDFLAR...)
2 13.32.110.20 16509 (AMAZON-02)
1 13.32.110.41 16509 (AMAZON-02)
1 3 188.114.97.3 13335 (CLOUDFLAR...)
20 13
2    172.67.72.175 (United States)

ASN13335 (CLOUDFLARENET, US)
magybu.net
2    172.64.168.34 (United States)

ASN13335 (CLOUDFLARENET, US)
oaxyteek.net
3    188.114.97.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.ay.gy
2    13.32.23.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-30.fra56.r.cloudfront.net
d1nmxiiewlx627.cloudfront.net
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6811:e820 (United States)

ASN13335 (CLOUDFLARENET, US)
fbcdn2.com
1    2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
2    172.64.107.19 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
2    13.32.110.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-20.vie50.r.cloudfront.net
desigactinific.org
1    13.32.110.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-41.vie50.r.cloudfront.net
desigactinific.org
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ebutiseemedlikeal.xyz
Apex Domain
Subdomains		 Transfer
3 ebutiseemedlikeal.xyz
ebutiseemedlikeal.xyz
2 KB
3 desigactinific.org
desigactinific.org
4 KB
3 ay.gy
cdn.ay.gy
22 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 30031
101 KB
2 fbcdn2.com
fbcdn2.com — Cisco Umbrella Rank: 508725
14 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
119 KB
2 cloudfront.net
d1nmxiiewlx627.cloudfront.net
37 KB
2 oaxyteek.net
oaxyteek.net — Cisco Umbrella Rank: 194213
5 KB
2 magybu.net
magybu.net
2 KB
1 onclickgenius.com
onclickgenius.com — Cisco Umbrella Rank: 212295
132 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2506
251 B
1 ufpcdn.com
ufpcdn.com — Cisco Umbrella Rank: 182865
2 KB
20 12
Domain Requested by
3 ebutiseemedlikeal.xyz 1 redirects oaxyteek.net
3 desigactinific.org d1nmxiiewlx627.cloudfront.net
3 cdn.ay.gy oaxyteek.net
cdn.ay.gy
2 pogothere.xyz d1nmxiiewlx627.cloudfront.net
2 fbcdn2.com oaxyteek.net
fbcdn2.com
2 www.googletagmanager.com oaxyteek.net
www.googletagmanager.com
2 d1nmxiiewlx627.cloudfront.net oaxyteek.net
desigactinific.org
2 oaxyteek.net 1 redirects
2 magybu.net 2 redirects
1 onclickgenius.com fbcdn2.com
1 region1.google-analytics.com www.googletagmanager.com
1 ufpcdn.com fbcdn2.com
20 12

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.pogothere.xyz
E1		 2022-12-31 -
2023-03-31		 3 months crt.sh
desigactinific.org
Amazon RSA 2048 M01		 2023-02-16 -
2024-03-16		 a year crt.sh
*.ebutiseemedlikeal.xyz
GTS CA 1P5		 2023-02-09 -
2023-05-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://oaxyteek.net/not-found.php
Frame ID: 176A4283003965FE1ED043B3D08750A2
Requests: 17 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: AD5B04DB19A383B978A760236BF497CD
Requests: 1 HTTP requests in this frame

Frame: http://desigactinific.org/cmd0TEcTBRcheBNaFmoyAAtJaXU0QkYKI0MJGTQuGwIDID9EVUNiJB4IASghAAgaOGkcAgBpdTQtLhkRIj0YCQA5DjENJRoiBwd2BgoiFD9XVTIZdRYjODYwODcMGnM8MSUUDRomIxkUNwg/CB0zLSZ0LxELLn8EITYcDRAKIz0PAjQFMh4tPgA9NhA6IQQJLjcsOCIOIjcDKz44Nh91ARsqHx0EIyIRDw44LAM7NzsQEHwRBSlCHwA0JhB/fj0tEzs1ORAfIQEfJU0aLUo1LQR2JT4yGjUUVzolDUAlTRouKyo/fyshAzIVDxMLJiQPKilDGHQgPxAfakYwPR0sFSg1AT02DgN7FkAqHi8PCjUSfR0IBhgeLyY0QCICGBA+FQ9CCxAKI0MuA3RxMyA2dREYPjUGLiMtEQkFQQEDGXI0HhslBkE1LA10Rz8tGTNDPiICKyo/JiQRQCEiFQ9DMD0rFhgrHB1zIy8XBhJALSctdAo2EDQFRgETai0BCBo8eghVMg8SK1AEASoL
Frame ID: CDB2CA98016B059D5B764ECDEAB99F8B
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: F09E7ACCCA6F53E5851B66FDD6ABB890
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdF.ly - Not Found

Page URL History Show full URLs

  1. http://magybu.net/ad/locked?rndad=1591007213-1656003250&url=3Rhqi&t=s&subid=26201253&h=89918 HTTP 302
    http://magybu.net/3Rhqi HTTP 301
    http://oaxyteek.net/-104125FQAN/3Rhqi?rndad=2454091086-1676850747 HTTP 302
    http://oaxyteek.net/not-found.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

40 %
HTTPS

31 %
IPv6

12
Domains

12
Subdomains

13
IPs

3
Countries

304 kB
Transfer

612 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://magybu.net/ad/locked?rndad=1591007213-1656003250&url=3Rhqi&t=s&subid=26201253&h=89918 HTTP 302
    http://magybu.net/3Rhqi HTTP 301
    http://oaxyteek.net/-104125FQAN/3Rhqi?rndad=2454091086-1676850747 HTTP 302
    http://oaxyteek.net/not-found.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://ebutiseemedlikeal.xyz/popunder.gif HTTP 301
  • https://ebutiseemedlikeal.xyz/popunder.gif

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request not-found.php
oaxyteek.net/
Redirect Chain
  • http://magybu.net/ad/locked?rndad=1591007213-1656003250&url=3Rhqi&t=s&subid=26201253&h=89918
  • http://magybu.net/3Rhqi
  • http://oaxyteek.net/-104125FQAN/3Rhqi?rndad=2454091086-1676850747
  • http://oaxyteek.net/not-found.php
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
172.64.168.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
b7e81729bff04d65e440cfed30e6df710c501983ae67b21de586024dc7868274

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
79c2ea982b08bb9b-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Feb 2023 23:52:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaUsKyrCq2v69t%2F68bwbM3YuE%2F57Ky5%2B7kvP4O0usLiFwkx3CVJVu%2FGhu24QbphhtwA4fJZFCUByTCyHHHJisE%2FdSLfEk8KZ7y4x%2B0eMiV1OD6om1zZRKdkYeuhbGdM%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
79c2ea975a66bb9b-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Feb 2023 23:52:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihTc%2FuePOoSzpN2Trc%2BT%2BGp6CGum4cZpOPufe3MOfqsfAsKdT6u45QL%2BhDAsnok2dUNeEEbPhisXtb5v43TlZQ3UGdcSW1O9cxi0JxgZrEL70gtEZM%2F7lh0PIgqVRSw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/not-found.php
pragma
no-cache
strict-transport-security
max-age=0
x-powered-by
adfly
x-turbo-charged-by
LiteSpeed
static.css
cdn.ay.gy/static/css/ 		294 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.ay.gy/static/css/static.css
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5053408759f620e648176400c2b59c685e7cea1a0bdb8b41275dee3f00e7fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sun, 19 Feb 2023 23:52:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1283
Cf-Polished
origSize=420
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
W/"1a4-5faa60e6-959389537b65d2c0;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOde4muJbhRtfFxYsNp%2FdgCZqjl091p75h9RI%2FVUbhxCU7K2P4f%2FVcR9Lg3B6nYgIEL1cJCn1fZsyNfouGfKg2Lu0rdctD0hnxmBwGBEEprLKcrEFdnKQbqt4LY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
CF-RAY
79c2ea990cfa2bea-FRA
expires
Sun, 26 Feb 2023 23:31:04 GMT
/
d1nmxiiewlx627.cloudfront.net/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
13.32.23.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-30.fra56.r.cloudfront.net
Software
/
Resource Hash
bb0c9f8f3adc7c923ea3862d1a60e00ba13f047c91a4caa79b66d0f0191bff2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Feb 2023 23:52:28 GMT
content-encoding
gzip
Via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
36166
X-Amz-Cf-Id
c6FQ9zOsUNgltKIMD3RKJAb7EGnzy_sLDHmpMUgBzknBvQgVQdy97w==
gtm.js
www.googletagmanager.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f1a32e036d95bb20b54fd6f4962bddb66ce6de9aac5d9e2db7c59f29a3253fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 23:52:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40971
x-xss-protection
0
last-modified
Sun, 19 Feb 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 19 Feb 2023 23:52:28 GMT
compatibility.js
fbcdn2.com/script/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fbcdn2.com/script/compatibility.js
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
2606:4700::6811:e820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sun, 19 Feb 2023 23:52:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
532
Transfer-Encoding
chunked
X-GUploader-UploadID
ADPycdvlxu67fmSufdv2DxbqqijKsYsDfI56wssurgOqEDnQ-Z8fv_ul4tuUjG2B2ycKZ9EPfYK5fhCvK40P4TBcwJ3ZsrX8oTYB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 21 Jun 2022 09:08:43 GMT
Server
cloudflare
ETag
W/"946bb9192a14e6dad035a9ec8178f073"
Vary
Accept-Encoding
x-goog-generation
1655802523449377
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
Cache-Control
public, max-age=14400
x-goog-stored-content-length
14461
CF-RAY
79c2ea9949499975-FRA
Expires
Mon, 20 Feb 2023 03:52:28 GMT
header_gradient.jpg
cdn.ay.gy/static/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.ay.gy/static/image/header_gradient.jpg
Requested by
Host: cdn.ay.gy
URL: http://cdn.ay.gy/static/css/static.css
Protocol
HTTP/1.1
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.ay.gy/static/css/static.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sun, 19 Feb 2023 23:52:28 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1166
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8872
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"22a8-5faa60e6-8ea5f64bb41938f5;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRh6gRW5xxUJC%2F%2FRFSSPLaTQ7krcjQ0bweTZiduY6Q0Llq506dBKtdJ%2BgWD561EyvCFe0PpSLlf00SZZIyVQ4NHBPGvHcv4WRZnjFPGVRImytaeIoNbLw4gWyxQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
79c2ea992d182bea-FRA
expires
Sun, 26 Feb 2023 23:33:02 GMT
logo.png
cdn.ay.gy/static/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.ay.gy/static/image/logo.png
Requested by
Host: cdn.ay.gy
URL: http://cdn.ay.gy/static/css/static.css
Protocol
HTTP/1.1
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.ay.gy/static/css/static.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sun, 19 Feb 2023 23:52:28 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2954
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"29e6-5faa60e6-b22ed065d915c717;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTZXVoN0J6d9cV8R0zenWCrkx%2FgOXTAdrDXmjtYjKFyIgUi64knwMj5q9JhkLM5HkzayXfsiPvpD26wR4%2BvWPGUelBnBxWEVOEFzGpHDCR5FXx0de%2FUBbXVeHEY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
79c2ea992c163764-FRA
expires
Sun, 26 Feb 2023 23:03:14 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37b914a2e088a3d6b3663b949785db583675288a253dd21f3175cfbf4bc7d743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 23:52:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80136
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Feb 2023 23:52:28 GMT
identify.html
ufpcdn.com/script/ Frame AD5B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer
http://oaxyteek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
79c2ea9998f79247-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 19 Feb 2023 23:52:28 GMT
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZaNk47L%2BW6xoXl%2FoJOjFD79k%2Fag4nVJVVUsBi0HpD8ca0Tg0visU2Nq%2FVdJs4x64S%2FwCpfgMHTz8PNfDCJLCdCz%2BU2%2F%2FERl4MbH71oaZCFuaTXn0RnguUZ%2BTStZqQSLgxl8imUFmnxy"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je32f0&_p=1385926019&cid=1765487911.1676850748&ul=en-us&sr=1600x1200&_s=1&sid=1676850748&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2Fnot-found.php&dt=AdF.ly%20-%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Feb 2023 23:52:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://oaxyteek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
suurl.php
onclickgenius.com/script/ 		0
132 B 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=2984815&cbrandom=0.6163744512191944&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com&ufp=12030031121300659921793133377
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 19 Feb 2023 23:52:28 GMT
Via
1.1 google
Server
openresty
chrome.js
fbcdn2.com/script/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fbcdn2.com/script/chrome.js
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
2606:4700::6811:e820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5887cd65b601571ba60ff7e1b7af9d962582dc3dc249484d31683933f890a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sun, 19 Feb 2023 23:52:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
442
Transfer-Encoding
chunked
X-GUploader-UploadID
ADPycduXXl4rLNmrs-N_QPteJCJorhVsuZi64ya1XbryuZiNaajvOaCt4_UdoLYcd7H3_fXBkmoMbf31Otjmt3fn6i_acNr8LTlD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 21 Jun 2022 09:08:35 GMT
Server
cloudflare
ETag
W/"570f12f75cff1a833ca0c6d20df2d678"
Vary
Accept-Encoding
x-goog-generation
1655802515177297
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=+lXQYg==, md5=Vw8S91z/GoM8oMbSDfLWeA==
Cache-Control
public, max-age=14400
x-goog-stored-content-length
25892
CF-RAY
79c2ea9a9a469975-FRA
Expires
Mon, 20 Feb 2023 03:52:28 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 23:52:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 19 Feb 2023 22:02:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://oaxyteek.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9mJi3Q8L9zMvHO1e2wQIEAMGK%2FQvo66Oo38Vaf%2By2cdjlnwkkRQTjoJ0BH1EE4MP4%2FkWwAJn1EQkSlw71e%2BWsPi2qkANikcs6XUDWO79U%2Bmeu6jbxj3n4k9QPJ35Qag"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
79c2ea9c1b4f912b-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		26 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf44560969909e4a69458cddb217a904f38d2ae0d7d90c5f9b65c2b2f8d3231

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 23:52:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8x4A%2BQ7i%2BwSDlZvIMZ3XGuDUYc87sD4dviYciUS9hETgUxTbdO2qkOh59ya6NfwCkavQ%2BsaNDo%2Fw81ZXN0bhnQkRJpnPgoT4sM9jeDZs8ekcuNZjAhdSMukEJWIV5UiI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://oaxyteek.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
79c2ea9c1b51912b-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
desigactinific.org/ 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://desigactinific.org/utx?cb=3R2QGTiOg3M5&top=oaxyteek.net&tid=709056
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-20.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Feb 2023 23:52:28 GMT
via
1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://oaxyteek.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
3OonC_Cu23niMZN-pwrpA2vCrp7T6z0tyfIsjACjNRc4Q6mzbfkWHg==
JiQRQCEiFQ9DMD0rFhgrHB1zIy8XBhJALSctdAo2EDQFRgETai0BCBo8eghVMg8SK1AEASoL
desigactinific.org/cmd0TEcTBRcheBNaFmoyAAtJaXU0QkYKI0MJGTQuGwIDID9EVUNiJB4IASghAAgaOGkcAgBpdTQtLhkRIj0YCQA5DjENJRoiBwd2BgoiFD9XVTIZdRYjODYwODcMGnM8MSUUDRomIxkUNwg/CB0zLSZ0LxELLn8EITYcDRAKIz0PAjQFMh... Frame CDB2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://desigactinific.org/cmd0TEcTBRcheBNaFmoyAAtJaXU0QkYKI0MJGTQuGwIDID9EVUNiJB4IASghAAgaOGkcAgBpdTQtLhkRIj0YCQA5DjENJRoiBwd2BgoiFD9XVTIZdRYjODYwODcMGnM8MSUUDRomIxkUNwg/CB0zLSZ0LxELLn8EITYcDRAKIz0PAjQFMh4tPgA9NhA6IQQJLjcsOCIOIjcDKz44Nh91ARsqHx0EIyIRDw44LAM7NzsQEHwRBSlCHwA0JhB/fj0tEzs1ORAfIQEfJU0aLUo1LQR2JT4yGjUUVzolDUAlTRouKyo/fyshAzIVDxMLJiQPKilDGHQgPxAfakYwPR0sFSg1AT02DgN7FkAqHi8PCjUSfR0IBhgeLyY0QCICGBA+FQ9CCxAKI0MuA3RxMyA2dREYPjUGLiMtEQkFQQEDGXI0HhslBkE1LA10Rz8tGTNDPiICKyo/JiQRQCEiFQ9DMD0rFhgrHB1zIy8XBhJALSctdAo2EDQFRgETai0BCBo8eghVMg8SK1AEASoL
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
HTTP/1.1
Server
13.32.110.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-41.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
3b4983a09f40a0c84a0f6fad2d91dda74094c329a341b7e6ee322a92f562c1ed

Request headers

Referer
http://oaxyteek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
1237
Content-Type
text/html
Date
Sun, 19 Feb 2023 23:52:28 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 de5338eac881cf5d87f2d811c3b7417c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ts-7jEsluUhkNjcWVPia4nxiseZjftiM-QYLpwI2sEpvrEpHZTnsTg==
X-Amz-Cf-Pop
VIE50-C2
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
Q2dTblJsWDAdbxozETQxFBMBLQUBIgsCCwYFYyQGFRARHgByLnUaOydaZF5rc1JlSCIqA25ca2UUJw8mNhRuX3QqCTUBb2URbl98c0llXnxxQSZTY2UTIw81flZ1HiY3C25fZHRRa1tidFNrWWV2
ebutiseemedlikeal.xyz/ 		0
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ebutiseemedlikeal.xyz/Q2dTblJsWDAdbxozETQxFBMBLQUBIgsCCwYFYyQGFRARHgByLnUaOydaZF5rc1JlSCIqA25ca2UUJw8mNhRuX3QqCTUBb2URbl98c0llXnxxQSZTY2UTIw81flZ1HiY3C25fZHRRa1tidFNrWWV2
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 23:52:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rjxho6q9dGetK7BcdVVoSzn4cLh%2BSQZ6H45WtHtsMVvuqtgFqvLkyYwoEJLp3s2fFi55YhuJbmDuPhiU4LD45%2BjmnkLSwJNWKV%2FuMo1lC0n8PAwKekp%2B7wC8YG1mQ9Zdi8d8N%2BuVmfM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79c2ea9c2b239bec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
U2dDLzwJPxV4NVQXJhAWUSEoKDZAJR8hclZ3CSQhAWxDICEFbFRjLgIzWHFpEiEKLnIPPwgyJQk9FiMkQCQEeCIJKwwpIwd0VwN6SGFAd39OJgwrKwkmFmB9Vj8RYH1WYFVrf0NiJ2B9ViYMK3lSdFYHalRhHXN7T3RXdS-4WIQkgOAMzDiw7Q2MjcHxRf1ZzalRh...
d1nmxiiewlx627.cloudfront.net/JZUVPZlEGKiEAbhEsK1tmVXx/ Frame CDB2 		603 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d1nmxiiewlx627.cloudfront.net/JZUVPZlEGKiEAbhEsK1tmVXx/U2dDLzwJPxV4NVQXJhAWUSEoKDZAJR8hclZ3CSQhAWxDICEFbFRjLgIzWHFpEiEKLnIPPwgyJQk9FiMkQCQEeCIJKwwpIwd0VwN6SGFAd39OJgwrKwkmFmB9Vj8RYH1WYFVrf0NiJ2B9ViYMK3lSdFYHalRhHXN7T3RXdS-4WIQkgOAMzDiw7Q2MjcHxRf1ZzalRhTS4nEjwJYH0ldFd1Iw86AGB9VjYAJiQJeEB3fwU5FyoiA3RXA35XYUt1YVNlXXRhV2FVYH1WIgQjLhQ4QHcJU2JSa3xQdxB4fg
Requested by
Host: desigactinific.org
URL: http://desigactinific.org/cmd0TEcTBRcheBNaFmoyAAtJaXU0QkYKI0MJGTQuGwIDID9EVUNiJB4IASghAAgaOGkcAgBpdTQtLhkRIj0YCQA5DjENJRoiBwd2BgoiFD9XVTIZdRYjODYwODcMGnM8MSUUDRomIxkUNwg/CB0zLSZ0LxELLn8EITYcDRAKIz0PAjQFMh4tPgA9NhA6IQQJLjcsOCIOIjcDKz44Nh91ARsqHx0EIyIRDw44LAM7NzsQEHwRBSlCHwA0JhB/fj0tEzs1ORAfIQEfJU0aLUo1LQR2JT4yGjUUVzolDUAlTRouKyo/fyshAzIVDxMLJiQPKilDGHQgPxAfakYwPR0sFSg1AT02DgN7FkAqHi8PCjUSfR0IBhgeLyY0QCICGBA+FQ9CCxAKI0MuA3RxMyA2dREYPjUGLiMtEQkFQQEDGXI0HhslBkE1LA10Rz8tGTNDPiICKyo/JiQRQCEiFQ9DMD0rFhgrHB1zIy8XBhJALSctdAo2EDQFRgETai0BCBo8eghVMg8SK1AEASoL
Protocol
HTTP/1.1
Server
13.32.23.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-30.fra56.r.cloudfront.net
Software
/
Resource Hash
f629dd7a28384186e9c9558bd82d8ab9af322aee4e0a7d48e73139900d3c5591

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://desigactinific.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sun, 19 Feb 2023 23:52:29 GMT
content-encoding
gzip
Via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
461
X-Amz-Cf-Id
B1DAjysEHqZ4LoNqV0tqKaSBMOQLGUrBelCScZAnMwltwcZw0Ze4HQ==
popunder.gif
ebutiseemedlikeal.xyz/
Redirect Chain
  • http://ebutiseemedlikeal.xyz/popunder.gif
  • https://ebutiseemedlikeal.xyz/popunder.gif
35 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ebutiseemedlikeal.xyz/popunder.gif
Protocol
H2
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
public
date
Sun, 19 Feb 2023 23:52:29 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 23:16:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2187
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFTpjQs%2B8fN4AB8vk6GPu93UZFA4DD6kyrHAfgIGAKcGXfj8Y7cb1kdFGwJzQXPVvcr7gfaO4v401SJ5Jz8BVfL3OvUq5IbHzp0MtvAfsADN44LG8ETL2iN5g9mFgNigLnqpb6Y0zm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
79c2ea9e8d759bec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sun, 19 Feb 2023 23:52:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuQHH14R5Vnz0GuqunJwNZlDH3L0qq9NEsr29vDEsZ%2FDorNcc0KfpuIRvT%2BZJBWR11TvHhN34XpfVjcFIt5EeF5GdGFnvWCbmL4fo3gs%2Fw%2Bu27djYW9zlwXGFccMX2c2NMaG%2B%2BVDVfI%3D"}],"group":"cf-nel","max_age":604800}
Location
https://ebutiseemedlikeal.xyz/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
79c2ea9e68523616-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Mon, 20 Feb 2023 00:52:29 GMT
multi
desigactinific.org/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://desigactinific.org/multi?cs=ZjYwdVdWDwlAYlECBkZvUAYAQ24&abt=0&red=1&sm=76&k=&v=1.0.60.2&sts=0&prn=0&emb=0&tid=709056&rxy=1600_1200&u=843395537113497&agec=1676850748&fs=1&mbkb=1515.151515151515&ref=http%3A%2F%2Foaxyteek.net%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.100%20safari%2F537.36&tzd=0&uloc=&if=0&_OffX=1676850749218&crc=1
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-20.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
f9372e06be985d2fda83ab9f242974da93dcadc191e45388e195c861916947bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Feb 2023 23:52:29 GMT
content-encoding
gzip
via
1.1 3d4555926457517be3e728d2175d92a2.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
http://oaxyteek.net
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1499
x-amz-cf-id
yBaBegbY8G_MRm9Qn9MrvadcgtgUujJyWDf3n_Nr0bA6j0RDM9t2NQ==
truncated
/ Frame F09E 		900 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| dataLayer object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu object| google_tag_manager function| ufpAttach object| CTAMAT number| delay object| adcashUfp function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| Cnac object| stamat function| NqPnfu013064796151384117 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa number| LAST_CORRECT_EVENT_TIME number| _2328677372 function| fa

6 Cookies

Domain/Path Name / Value
magybu.net/ Name: FLYSESSID
Value: nbcfemd53eifdb81e0evr63aji
oaxyteek.net/ Name: FLYSESSID
Value: 8jr29v9aq2pa2abh4nkquk47cq
.oaxyteek.net/ Name: _ga
Value: GA1.1.1765487911.1676850748
.oaxyteek.net/ Name: _ga_GT41R23D5L
Value: GS1.1.1676850748.1.0.1676850748.0.0.0
oaxyteek.net/ Name: adcashufpv3
Value: 12030031121300659921793133377
pogothere.xyz/ Name: csu
Value: 843395537113497@1@1676850748

1 Console Messages

Source Level URL
Text
network error URL: http://oaxyteek.net/not-found.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ay.gy
d1nmxiiewlx627.cloudfront.net
desigactinific.org
ebutiseemedlikeal.xyz
fbcdn2.com
magybu.net
oaxyteek.net
onclickgenius.com
pogothere.xyz
region1.google-analytics.com
ufpcdn.com
www.googletagmanager.com
13.32.110.20
13.32.110.41
13.32.23.30
172.64.107.19
172.64.168.34
172.67.72.175
188.114.97.12
188.114.97.3
2001:4860:4802:34::36
2606:4700:3037::ac43:8e31
2606:4700::6811:e820
2a00:1450:4001:80b::2008
35.190.71.96
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4
37b914a2e088a3d6b3663b949785db583675288a253dd21f3175cfbf4bc7d743
3b4983a09f40a0c84a0f6fad2d91dda74094c329a341b7e6ee322a92f562c1ed
5053408759f620e648176400c2b59c685e7cea1a0bdb8b41275dee3f00e7fa65
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f1a32e036d95bb20b54fd6f4962bddb66ce6de9aac5d9e2db7c59f29a3253fc
b7e81729bff04d65e440cfed30e6df710c501983ae67b21de586024dc7868274
bb0c9f8f3adc7c923ea3862d1a60e00ba13f047c91a4caa79b66d0f0191bff2a
cc5887cd65b601571ba60ff7e1b7af9d962582dc3dc249484d31683933f890a0
dbf44560969909e4a69458cddb217a904f38d2ae0d7d90c5f9b65c2b2f8d3231
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f629dd7a28384186e9c9558bd82d8ab9af322aee4e0a7d48e73139900d3c5591
f9372e06be985d2fda83ab9f242974da93dcadc191e45388e195c861916947bc
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a